Google disrupted the Glupteba botnet used to steal personal information and mine cryptocurrency

Google found that Glupteba has infected about a million Microsoft Windows devices worldwide, which would put it among the largest botnets analyzed by security experts. In a complaint filed in federal court in New York on Tuesday, Google detailed several different crimes it alleges hackers use the botnet to perpetrate, including stealing and selling log-in information for Google accounts, and selling access to captured devices to other criminals who want to hide their Internet activity.


Google warns cryptocurrency miners are hacking cloud accounts, suggests ways to counter cyber threat

© Provided by The Financial Express
Global search engine giant Google has revealed that hackers are increasingly targeting compromised cloud accounts to mine cryptocurrency. The revelation is part of a new report from Google’s in-house cybersecurity action team.

Google’s cybersecurity team, which spots cyber threats and gives advice on how to tackle them, has come out with a report called “threat horizon” that sheds light on multiple threats currently looming in cyberspace.

As per the report, Russian state hackers have been attempting to dupe users into giving away their passwords on the pretence that they were being targeted by government-backed attackers. In North Korea, hackers have been trying to lure users with fraudulent job offers from big-ticket firms like Samsung.

Crypto miners hacking Google cloud accounts

The biggest threat plaguing cyberspace though, is one that’s trying to make the most out of today’s big buzzword, aka cryptocurrency.

Since “mining” the blockchains that underpin cryptocurrencies requires a significant amount of computing power and expensive software, 86 per cent of the cloud computing hacks are said to be used to perform cryptocurrency mining.

The cryptocurrency mining software is downloaded within 22 seconds after the cloud account has been hacked. Cyber-attackers take advantage of vulnerable third-party software and poor customer security to perform the hacks.

Other forms of cyber threat

The Google report says in one instance 12,000 Gmail accounts were targeted by the Russian government-backed hacking group APT28, also known as Fancy Bear, where users were tricked into handing over their user details through email.

Google says the attack was neutralised after all the phishing emails, which focused on the UK, the US and India, were blocked, and no users’ details had been compromised.

In another…


Cryptocurrency miners are now hacking accounts of Cloud users, Google warns

© Provided by The Indian Express

Google has warned that cyber criminals are now hacking Google cloud accounts to mine cryptocurrency. Details of the hack were highlighted in Google’s first threat horizon report published by the company’s cybersecurity action team.

The report said that 86 percent of the compromised Google Cloud instances were used to perform cryptocurrency mining, a cloud resource-intensive for-profit activity, adding that in the majority of cases, the cryptocurrency mining software was downloaded within 22 seconds of the account being compromised.

Google’s cloud service is one of the most popular remote storage systems, where the tech giant stores customers’ data and files on a remote server, which is technically capable of being used for crypto mining. Cryptocurrency mining requires high-powered computers that compete to solve complex mathematical puzzles, in a process that makes intensive use of computing power and electricity.

Interestingly, Google noted that of 50 percent hacks of its cloud computing service, more than 80 percent were used to perform cryptocurrency mining.

Cloud customers continue to face a variety of threats across applications and infrastructure, and many successful attacks are “due to poor hygiene and a lack of basic control implementation,” Google said in its blog post.

Additionally, 10 percent of compromised Cloud instances were used to conduct scans of other publicly available resources on the internet to identify vulnerable systems, and 8 percent of instances were used to attack other targets. “While data theft did not appear to be the objective of these compromises, it remains a risk associated with the cloud asset compromises as bad actors start performing multiple forms of abuse,” Google added.

The tech giant has recommended that its cloud customers improve their security by enabling two-factor authentication, an extra layer of protection used to ensure the security of online accounts beyond just a username and…


How hackers are hijacking YouTube accounts to run ads for cryptocurrency scams

Google’s Threat Analysis Group has shared details about a long-running phishing campaign targeting YouTubers. The campaign, apparently being carried out by hackers recruited in a Russian-speaking forum, uses “fake collaboration opportunities” to attract YouTubers, then hijacks their channel using a “pass-the-cookie attack,” with the goal of either selling it off or using it to broadcast—of course—cryptocurrency scams.

The attacks begin with a phishing email offering a promotional collaboration. Once the deal is agreed, the YouTuber is sent a link to a malware page disguised to look like a download URL. This is where the real action begins: When the target runs the software, it pulls cookies from their PCs and uploads them to “command and control servers” operated by the hackers.